Archived TD0231: FCS_TLSS_EXT.1.2 - Removal of SSL 1.0
The SSL 1.0 protocol was never publically released and the test cannot be executed using the SSL 1.0 protocol.
SSL 1.0 should be removed from the FCS_TLSS_EXT.1.2 SFR and Test Activity.
The [selection: TSF, TOE platform] shall deny connections from clients requesting SSL 1.0, SSL 2.0, SSL 3.0 and [selection: TLS 1.0, TLS 1.1, no other TLS version].
The evaluator shall send a Client Hello requesting a connection with version SSL 1.0 and verify that the server denies the connection. The evaluator shall repeat this test with SSL 2.0 and SSL 3.0 and any selected TLS versions.
The evaluator shall send a Client Hello requesting a connection for all mandatory and selected protocol versions in the SFR (e.g., by enumeration of protocol versions in a test client) and verify that the server denies the connection for each attempt.
See Issue Description; aligns with NIT Decision #201664 https://www.niap-ccevs.org/Documents_and_Guidance/ccevs/NITDecisionRfi201664.pdf